EFF Criticizes Meta After Instagram Removes End-to-End Encryption

Instagram has removed end-to-end encryption from direct messages, ending an optional privacy feature that Meta says very few people used.

The change means Instagram DMs still use standard encryption in transit, but they no longer include the stronger protections that prevent platform operators from accessing message contents.

Meta Says Very Few Users Enabled It

According to Meta, adoption of Instagram’s encrypted chats remained extremely low. The feature was optional, buried behind multiple setup steps, and never enabled by default.

Privacy advocates argue that low usage was predictable from the start. Groups like the Electronic Frontier Foundation say most users likely never even knew the feature existed.

Critics also point out that opt-in security features historically struggle with adoption because average users rarely search for hidden privacy settings manually.

Meta Previously Promoted Encrypted Messaging

The removal marks a noticeable shift from Meta’s earlier messaging strategy.

In 2022 and 2023, Meta publicly discussed expanding encrypted communications across Messenger and Instagram DMs, describing the goal as creating a “trusted private space” for users.

Instead of continuing development, Meta now directs users seeking stronger privacy protections toward WhatsApp, where end-to-end encryption remains enabled by default.

Privacy Critics See a Major Reversal

Privacy advocates argue encrypted messaging should exist across all major Meta platforms, not only WhatsApp.

Some critics see the decision as Meta backing away from long-term privacy commitments after spending years promoting secure messaging initiatives publicly.

Meta also still reportedly has not delivered end-to-end encryption support for Messenger group chats, another point frequently raised by privacy organizations.

Instagram Now Lags Behind Rivals

The move comes while other technology companies continue expanding encrypted communication systems.

Apple and Google are actively working on end-to-end encrypted RCS messaging, while Signal continues focusing heavily on privacy-focused usability improvements.

That contrast makes Instagram’s decision stand out even more, especially as encrypted messaging increasingly becomes an industry standard expectation.

What Changes for Users

Without end-to-end encryption, Instagram messages remain encrypted while traveling between devices and Meta’s infrastructure.

However, Meta still retains server-side access to message contents. That means messages could theoretically be accessed through moderation systems, law enforcement requests, internal tools, or future security breaches.

For users who prioritize private communications, platforms like WhatsApp or Signal may now offer significantly stronger protections.

The encryption removal also arrives during a difficult period for Meta. The company has recently faced criticism over AI monitoring initiatives and reports of planned layoffs affecting thousands of employees.

For critics, Instagram’s E2EE removal adds to growing concerns that Meta is prioritizing platform control and AI expansion over earlier privacy-focused commitments.